Unbreakable encryption remains a pipe dream, even on a quantum Internet

The goal of unbreakable encryption has been a dream of governments since time immemorial. The ancient Greeks sent coded messages by way of a Scytale, which consisted of cloth wrapped around rods on which messages were written. The cloth was unwrapped during transit. An authorized viewer would then re-wrap the cloth around an identically sized rod to read the complete message.

Believe it or not, the Scytale, though easy to break, is in some ways similar to quantum encryption, which is likely unbreakable.

In a quantum computing code system, an object like a photon has its state measured, which is always changing. The state of the photon is the encryption key, which is sent along with a message. Any attempt to monitor this state slows down the data, which ruins the key and makes it very obvious on the other end that someone is trying to tap into the feed.

Cambridge University and Toshiba have put this quantum theory into practice, and they’ve been fairly successful in laboratory settings. The problem, which is where the Scytale has the advantage, is that these unbreakable encryption set-ups are point to point in nature. One computer can send data to another that is pre-programmed to get the signal, and that’s it. The Toshiba/Cambridge setup has a maximum limit of 56 miles too.

The reason for the limitation is because if the signal is sent through a router, that router has to read at least part of the message to know where to forward it. And that is no different from someone trying to eavesdrop on the line. It corrupts the data about the quantum state ever so slightly, but more than enough to ruin the key and destroy and therefore protect the message.

Recently, MIT Technology Review reported that scientists at the Los Alamos National Labs in New Mexico have been running a quantum Internet for almost two years, with all computers on the network able to send and forward secure messages to every other one.

How are they able to do this? Simple. They set up a series of point-to-point connections between computers and a specialized router. Computer A is not sending a quantum-protected signal to Computer B. It’s sending it to the hub. The hub then converts that message back to normal, sees where it’s supposed to go and then sets up a second quantum-state-protected communication to its destination. It’s not Computer A to Computer B. It’s Computer A to hub and then hub to Computer B, or C, or D.

The problem with a system like that is two fold. First, the hub interjects a non-secure element into the communications. The message can be snooped, at least in theory, while it sits in its unencrypted and unprotected state at the hub before being sent off to its destination. Second, all of the connections are pre-programmed, which works fine in what is really a Los Alamos-based Intranet, but could not be setup on the Internet where destinations are constantly in flux. There would have to be many hubs to send a quantum-secured message cross the country, and every one would need to know every possible destination.

But the system at Los Alamos is a good start. Perhaps secure routers could be created and implemented along paths, giving users the option to send a quantum-state secured message if a path is available. For government, this is even more attractive right now. Imagine the Pentagon setting up all of its systems on a completely secure network, something that would easily be possible within a single building, or even a small campus.

inside gcn

Reader Comments

Fri, May 10, 2013
Hugh No
Bernalillo, NM

As mentioned in another comment, there is no such thing as quantum encryption - the system does not do encryption. Because it's so slow, it's not even used for messages - just key exchange. And it's not really an improvement over existing systems, just different and complicated. And if you can use a router with this system, that means you're defeating the whole purpose of the system and showing that a man-in-the-middle attack is possible (which may be the case anyway since a second, conventional channel is required to make this system work). And no one who understands encryption is ever looking for an unbreakable system since that doesn't exist, except for the special case of a one-time pad.

Thu, May 9, 2013
Don Martin
Rancho Santa Margarita, California

I beg to differ. The problem is that the encryption is left intact for a brute force attack. By randomizing the data at the bit post encryption, there is nothing to attack and it just becomes noise. Why manipulate photons in a fiber optic when the data can be randomized at the bit level across multiple lambdas? People have been looking far too close at the problem and merely adding expense and complexity. By randomizing the data across multiple paths there is nothing to be captured or played back. No forensically discernible data is stored at any location. No storage location can be modified without the others being aware. That technology exists today. Feel free to use it at http://tinyurl.com/SFC-CTO

Thu, May 9, 2013
Dourscot
UK

Quantum encryption isn't intended to be "unbreakable" - this article totally misunderstands the technology. It is intended to be verifiable, i.e. that any interception is immediately obvious to the sender and receiver according to the laws of physics. It is not an encryption scheme.

Please post your comments here. Comments are moderated, so they may not appear immediately
after submitting. We will not post comments that we consider abusive or off-topic.